Arbitrage fraud generated calls through by machine - VoIP General, VoIP News, VoIP Providers, VoIP hardware, VoIP software, VoIP Technology

Hello,

this contribution predominantly addresses itself to VoIP Betreiber/Reseller or Admins of a VoIP plant:
We had lately realtiv frequently attempted frauds on our plants of through by machine generated calls on service call numbers or international increase in value call numbers.
The pattern runs off always similarly: An account is solved and loaded with small assets. After some test calls are set off at the same time hundreds calls on a certain number and kept so long as possible (up to 1 hour per call).
The last attempt were call attempts on a number vistream of the GmbH +4915702488xxx.
Up to 50 calls were set off at the same time on this number. Any determinations and inquiries with vistream ran so far in the sand.
We have further such call attempts in our Logs e.g. on the following numbers registers:
+23222 (Sierra Leone)
+43820 (Austria mobile)
+37165 (Lithuania mobile)
I recommend to close all VoIP Admins aforementioned above call number circles.

Service call numbers and increase in value call numbers are itself Erich a legitimate and interesting business for people, which want to move in this environment.
To abuse these services by by machine generated calls on own IVR machines, and thus to all respectable offerers unnecessary administrative expenditure or financial damage to cause should be prevented.

I hope to have opened here an interesting and useful Thread and hope for one move exchange of experience.

Alfred

With Vistream however money does not flow, except if the call number with ring would be real (a MVNO is such as Vistream) gbs for the calling 3Cent/Minute.

There money can flow. Savings call uses a number (however the 015702480000) over over the gained Interconnect Calltrough into foreign nets to offer. Get the money of Vistream.
But where the problem lies? If Prepaid should, the connection (EN) with Guthaben=0 is broken off. If Postpaid, one should have examined the soil quality of the customer before

It does not concern here times so much the Billing topic at all. In the meantime each VoIP operator in this regard should have gained enough experiences and prepaid or either have worked only evenly postpaid with appropriate provision of security.

It goes also blocking channels for VoIP operators therefore that such attempted frauds paralyze resources unnecessarily, and to cause expenditure for the Firewall administrator.

Further Stbern in logs the additionally following call attempts resulted in
+43810104xxx, +43810955xxx, +48221988xxx, +393809007xxx, +25240212xxx, +2913000xxx

I understand this Thread not completely.

Arbitrage refers to different prices with offerers. In the Telekom surrounding field it can happen that an offerer e.g. as special offer 1 ct/min requires, while the call actually costs 1.2 ct/min. From these 1.2 ct/min do not come with the Terminierungsprovider certainly more than 1 ct/min on… rather clearly less… at a customer of this Provider even still much less. I see arbitrage in the Telco surrounding field therefore as if sea-honour with difficulty stored.

Indeed the Billing is the problem. It can be that a Provider for calls flat into a rare country 5 ct/min required, however surveys that there is also a lane of special call numbers, which cost 1 EUR/min.

On the other hand it can happen the fact that due to the partially within the range of weeks lying latency of off-line Billing direction-waters is called the special call number (in a short time the substantial) already its money gets, while the calling “final customers” have still no calculation over it. Wrong-basic are then the Interconnect operators and/or. first in the chain, which the caller through-placed… if the caller no more is not to be seized, develops partially. substantial, material damage.

The blockage of individual call number ranges is quite senseless, since then the described fraud model (that actually nothing with arbitrage, but with gaps in price models to do has) is pulled through evenly with other numbers. Finally helps only to make waterproof the price model and to use current Numbering of plan. If need be unclear numbering ranges become evenly consciously closed… they will be called anyway only by a tiny fraction of the users… if at all.

--gandalf.

Thanks at Gandalf for its detailed statement and more exact lighting of the problem.
I give you to the full extent quite and may supplement the following circumstances:
Our own call number plan covers in the meantime approx. 45,000 preselections (as KGV all attached carrier) and uses by means of LCR the most favorable in each case offerer for the call which can be set off. Used depending upon service level with incorrect calls dropbake or also not.

The attached carrier usually use a call number plan with approx. 12,000 preselections. Therefore the gaps in the price models are to be looked for rather there, and those are carrier among other things such as Verizon, Tata, Colt
Up to the blocked LINEs for ok one, so far all Traffic through by machine did not produce a problem and for nobody a damage. As long as the hacker not 100% of your capacity blocked and your “normal” customers can telephone further unimpaired, it is also still no problem, but probably even a good business.

Now one continues to think please however a step: The attached, completing carrier notices that he a gap in his price model has and that we as his customer into this “gap” immensely many minutes with always same call duration and always same CLI to have sent exactly. The carrier will be “emergency amused” and consequences will pull.
By the way scenario described above is a component and grounds for giving notice of each respectable carrier contract.

Further searches over internationally attainable increase in value call numbers resulted in:
http://www.premium-rates.com/international-numbers.asp
and
http://www.premiumtlc.com/

I recommend to block each VoIP offerer the call number lanes stated there.

Is correct… the Interconnect partners will not be inspired… here helps however my experience after only openness, i.e. e.g. a reporting over special activities, which one can communicate then also to its Interconnect or time limitation partners. Thus develops not the impression, one even such gaps would use, but addresses openly the topic, so that all can react accordingly. A anti- Fraud pattern gives it normally with all large Carriern, i.e. here such comes a reporting then also into the correct channels.

The appropriate Premium numbers should be provided with a clear price model or not geroutet simply (due to the off-line Billings the price at the call time there is still not at all clear), whereby for it naturally Upstream more complexity develop, i.e. became for such calls the carrier, from which the call proceeds, ideal-proves appropriate procedures already begins.

One can see and with appropriate countries also from their telecommunications Regulierern order Numbering of plan. Quite exactly e.g. is IMHO. the existence of http://www.numberingplans.com/?page=plans&sub=phonenr

--gandalf.

For Austria one can http://www.rtr.at/
look for numbers and their owners.
If someone described above problems with sterr. , Please a PM has call numbers (+43820 or +43810) to me. I reached already once that do not time limitation-repay were paid and so at least to the causer of the fraud its business model in question placed.

In the forum someone else made already similar experiences with further call number ranges here possible.

Who is responsible in each case, at the International Telecommunication Union will have to be experienced.

http://wiki.ip-phone-forum.de/telefonie:numbering:start

--gandalf.